NPCI has instructed banks to ensure that their ATM networks which are directly integrated with NPCI also get patched up at the earliestPratik Bhakta | ET Bureau | May 16, 2017, 09:45 IST

The central Computer Emergency Response Team of India has ordered banks and the National Payments Corporation of India to update the patch on their systems to ensure their vulnerabilities are plugged.

NPCI has instructed banks to ensure that their ATM networks which are directly integrated with NPCI also get patched up at the earliest, said a person familiar with the instructions.

As the entire world gets concerned with the malware 'Wannacry' the central government agency advised that all Windows systems should be patched up in order to ensure that all holes in their security systems are plugged.

Even NPCI, which manages the country's interoperable ATM switch, issued its own set of advisories instructing banks to patch up systems which are integrated directly with NPCI systems like their ATM switches, said the person who did not want to be identified.

"Since both RBI and Cert-IN have issued guidelines on patch updates we have restricted ourselves to ensuring that all bank systems facing NPCI network are updated with the recommended patch," said AP Hota, managing director of NPCI. "There are very few banks who are still using the Windows based ATM switch hence the risk perception is very low."

Further to ensure that individual laptops or desktops of employees do not remain vulnerable, banks have been instructed to update the patch in all the employee computers connected with their system.

"For employees on leave, we have deactivated their accounts so that once they return from leave they will first have to get their systems checked by risk managers. Only then will they be allowed to log into the network," said Hota.

While banks, the RBI as well as the payment companies are on tenterhooks, bankers said no untoward incident has been reported in the Indian banking system. Bankers said that the Windows patch has been updated already across devices to ensure that vulnerabilities are plugged. They are also maintaining a constant vigil and monitoring their networks closely.

On Monday morning, Cert-IN conducted its own webinar for all citizens spreading awareness about the malware, how it affects computers and what citizens should do during such infections.